urlscan.io logo urlscan.io
SecurityTrails logo

therecord.media Open in urlscan Pro
2606:4700:4400::6812:20b5  Public Scan

Go To Rescan Add Verdict Report
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Submission: On August 24 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 3 countries across 23 domains to perform 123 HTTP transactions. The main IP is 2606:4700:4400::6812:20b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is therecord.media. The Cisco Umbrella rank of the primary domain is 308701.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.
This is the only time therecord.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
39 2606:4700:440... 13335 (CLOUDFLAR...)
1 34 151.101.66.152 54113 (FASTLY)
2 2a04:4e42:200... 54113 (FASTLY)
3 151.101.194.152 54113 (FASTLY)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 35.186.247.156 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
1 172.64.144.145 13335 (CLOUDFLAR...)
2 18.157.122.248 16509 (AMAZON-02)
9 23.53.43.58 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 37.252.171.52 29990 (ASN-APPNEX)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.232.216.40 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:2c40::c7... 209242 (CLOUDFLAR...)
123 28
39    2606:4700:4400::6812:20b5 (United States)

ASN13335 (CLOUDFLARENET, US)
therecord.media
cms.therecord.media
34    151.101.66.152 (United States)

ASN54113 (FASTLY, US)
www.scribd.com
de.scribd.com
s-f.scribdassets.com
html.scribdassets.com
wa.scribd.com
2    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
3    151.101.194.152 (United States)

ASN54113 (FASTLY, US)
wa.scribd.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    35.186.247.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
sentry.io
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:223f:7800:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.matomo.cloud
1    172.64.144.145 (United States)

ASN13335 (CLOUDFLARENET, US)
www.recordedfuture.com
2    18.157.122.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
recordedfuture.matomo.cloud
9    23.53.43.58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-58.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6811:d76 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    2a02:26f0:480:23::1726:629c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ipv6.6sc.co
1    2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:4679 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6812:7641 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
3    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hubspot.com
cta-service-cms2.hubspot.com
forms.hubspot.com
2    18.232.216.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-216-40.compute-1.amazonaws.com
epsilon.6sense.com
1    2606:4700::6810:d5bf (United States)

ASN13335 (CLOUDFLARENET, US)
perf-na1.hsforms.com
2    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2606:2c40::c73c:6702 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
go.recordedfuture.com
Apex Domain
Subdomains		 Transfer
39 therecord.media
therecord.media — Cisco Umbrella Rank: 308701
cms.therecord.media — Cisco Umbrella Rank: 651246
1 MB
25 scribdassets.com
s-f.scribdassets.com — Cisco Umbrella Rank: 28672
html.scribdassets.com — Cisco Umbrella Rank: 28896
3 MB
12 scribd.com
www.scribd.com — Cisco Umbrella Rank: 23933
de.scribd.com — Cisco Umbrella Rank: 658475
wa.scribd.com — Cisco Umbrella Rank: 26656
65 KB
11 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5612
c.6sc.co — Cisco Umbrella Rank: 8464
ipv6.6sc.co — Cisco Umbrella Rank: 5885
b.6sc.co — Cisco Umbrella Rank: 3914
33 KB
5 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 7046
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 6344
track.hubspot.com — Cisco Umbrella Rank: 2345
forms.hubspot.com — Cisco Umbrella Rank: 4602
24 KB
4 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 17460
recordedfuture.matomo.cloud
67 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
150 KB
3 sentry.io
sentry.io — Cisco Umbrella Rank: 178
695 B
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 9269
593 B
2 recordedfuture.com
www.recordedfuture.com — Cisco Umbrella Rank: 633753
go.recordedfuture.com — Cisco Umbrella Rank: 347065
238 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
90 KB
2 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4924
20 KB
1 hsforms.com
perf-na1.hsforms.com — Cisco Umbrella Rank: 7683
1 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2207
21 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 4470
86 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2212
16 KB
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 465
573 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6490
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
253 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3101
253 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2439
1 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
123 23
Domain Requested by
33 therecord.media therecord.media
23 s-f.scribdassets.com de.scribd.com
s-f.scribdassets.com
6 wa.scribd.com s-f.scribdassets.com
browser.sentry-cdn.com
6 cms.therecord.media therecord.media
5 de.scribd.com therecord.media
de.scribd.com
s-f.scribdassets.com
4 b.6sc.co
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 j.6sc.co www.googletagmanager.com
therecord.media
j.6sc.co
3 www.googletagmanager.com therecord.media
www.googletagmanager.com
www.google-analytics.com
3 sentry.io browser.sentry-cdn.com
2 track.hubspot.com
2 epsilon.6sense.com j.6sc.co
2 ipv6.6sc.co j.6sc.co
2 c.6sc.co j.6sc.co
2 recordedfuture.matomo.cloud cdn.matomo.cloud
2 cdn.matomo.cloud therecord.media
2 connect.facebook.net s-f.scribdassets.com
connect.facebook.net
2 browser.sentry-cdn.com s-f.scribdassets.com
2 html.scribdassets.com de.scribd.com
1 go.recordedfuture.com
1 forms.hubspot.com js.hsleadflows.net
1 perf-na1.hsforms.com
1 cta-service-cms2.hubspot.com js.hubspot.com
1 js.hubspot.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 secure.adnxs.com j.6sc.co
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 js.hs-scripts.com www.googletagmanager.com
1 www.recordedfuture.com therecord.media
1 www.facebook.com browser.sentry-cdn.com
1 www.scribd.com 1 redirects
123 35
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-18 -
2024-05-17		 a year crt.sh
*.scribd.com
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.scribdassets.com
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-02 -
2023-08-31		 3 months crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-09-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M01		 2023-02-24 -
2023-12-25		 10 months crt.sh
*.recordedfuture.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-03 -
2024-03-05		 a year crt.sh
*.matomo.cloud
Amazon RSA 2048 M02		 2023-06-21 -
2024-07-19		 a year crt.sh
6sc.co
R3		 2023-08-19 -
2023-11-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
*.6sense.com
Amazon RSA 2048 M01		 2023-05-24 -
2024-06-21		 a year crt.sh
go.recordedfuture.com
GTS CA 1P5		 2023-06-26 -
2023-09-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://therecord.media/us-arrests-tornado-cash-cofounder
Frame ID: 0E651412F7454423C85AECD129A8A4B1
Requests: 79 HTTP requests in this frame

Frame: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Frame ID: 814EACD7FDAD5EA5B9F323D78B36E4D8
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

US arrests Tornado Cash co-founder, sanctions another who remains at large

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

99 %
HTTPS

70 %
IPv6

23
Domains

35
Subdomains

28
IPs

3
Countries

5163 kB
Transfer

9237 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv HTTP 302
  • https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv

123 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request us-arrests-tornado-cash-cofounder
therecord.media/ 		46 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
1a733e0203953f59ae18374fdc6fbb49a91b1297700196cf01b58ada61f95048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
s-maxage=60, stale-while-revalidate
cf-cache-status
DYNAMIC
cf-ray
7fbb1b018a7703ac-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 24 Aug 2023 11:02:52 GMT
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
traceresponse
00-177e1f6e20241b713bea8af564a941c9-d11ac87032d1ad40-00
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
28, 1
x-debug-info
eyJyZXRyaWVzIjowfQ==
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-powered-by
Next.js
x-served-by
cache-iad-kiad7000110-IAD, cache-fra-eddf8230056-FRA
Tornado_Cash_mosh_a8b6978e23.jpg
cms.therecord.media/uploads/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.therecord.media/uploads/Tornado_Cash_mosh_a8b6978e23.jpg?w=1920
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4a429e19ae0239a202ec24cf9c43bcde2b33843ff1726b13e05f3540ed11c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
traceresponse
00-177e4cd195b1565e323073ea0273835f-5fbcc3468491b90d-00
x-platform-processor
yzs7ggztuurocnodlgeyqu6sde
content-length
9277
last-modified
Wed, 23 Aug 2023 17:43:04 GMT
server
cloudflare
etag
"64e64528-243d"
vary
Accept-Encoding
x-platform-cluster
r6uchqjqwmfqi-production-vohbr3y
content-type
image/jpeg
cache-control
max-age=300
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
cf-ray
7fbb1b036e3803ac-FRA
x-platform-router
qk5ll65emgqnxbcwb6fko7g64m
expires
Thu, 24 Aug 2023 11:07:52 GMT
adam_janofsky_371c8dde4c.jpg
cms.therecord.media/uploads/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.therecord.media/uploads/adam_janofsky_371c8dde4c.jpg?w=1920
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef74c2cbc1486fc7c99ab2d1597a7e3394f68f3f1c7279d1d5776dbe4f6601ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
traceresponse
00-177e4cd195c1569ca22839f8ba6759f0-bf3e1c11ec43cfd5-00
x-platform-processor
yzs7ggztuurocnodlgeyqu6sde
content-length
20256
last-modified
Mon, 28 Mar 2022 09:51:20 GMT
server
cloudflare
etag
"62418518-4f20"
vary
Accept-Encoding
x-platform-cluster
r6uchqjqwmfqi-production-vohbr3y
content-type
image/jpeg
cache-control
max-age=300
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
cf-ray
7fbb1b036e3303ac-FRA
x-platform-router
qk5ll65emgqnxbcwb6fko7g64m
expires
Thu, 24 Aug 2023 11:07:52 GMT
The_Record_Centered_9b27d79125.svg
cms.therecord.media/uploads/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.therecord.media/uploads/The_Record_Centered_9b27d79125.svg?w=1920
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
traceresponse
00-177e4cd195cbcd27caf810b831a7bfae-41d67b67a5446b7c-00
x-platform-processor
yzs7ggztuurocnodlgeyqu6sde
last-modified
Thu, 12 Jan 2023 17:06:51 GMT
server
cloudflare
etag
W/"63c03e2b-1c5f"
vary
Accept-Encoding
x-platform-cluster
r6uchqjqwmfqi-production-vohbr3y
content-type
image/svg+xml
cache-control
max-age=300
x-debug-info
eyJyZXRyaWVzIjowfQ==
cf-ray
7fbb1b036e2e03ac-FRA
x-platform-router
qk5ll65emgqnxbcwb6fko7g64m
expires
Thu, 24 Aug 2023 11:07:52 GMT
d05ae731d129fbf9.css
therecord.media/_next/static/css/ 		55 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ee2606d8749bf786d58c0d2c5f78e60ca6abd695e21ebd274fd28c560bcaf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
793141
traceresponse
00-177b7b75dac639abbd6cb806f0e6afa9-69d04072758601fc-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000043-IAD, cache-fra-eddf8230056-FRA
last-modified
Mon, 07 Aug 2023 15:52:41 GMT
server
cloudflare
etag
W/"dd86-189d0b3578b"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b035e0f03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
6095, 1
ef46db3751d8e999.css
therecord.media/_next/static/css/ 		0
167 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/css/ef46db3751d8e999.css
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
586552
traceresponse
00-177c375a43ce99ddbed2429697229326-5d90fcd8a3b6a7df-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
content-length
0
x-served-by
cache-iad-kcgs7200091-IAD, cache-fra-eddf8230056-FRA
last-modified
Mon, 07 Aug 2023 15:52:41 GMT
server
cloudflare
etag
W/"0-189d0b3578c"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
accept-ranges
bytes
cf-ray
7fbb1b035e1403ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
6855, 1
content
de.scribd.com/embeds/666818521/ Frame 814E
Redirect Chain
  • https://www.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
  • https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
235 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3220a852e0363bd4cac2489ce307ed992f147f460d3f9307a60b7cc80879bc4a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://therecord.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21721
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
public, no-cache
content-encoding
br
content-length
60352
content-type
text/html; charset=utf-8
date
Thu, 24 Aug 2023 11:02:52 GMT
etag
W/"3220a852e0363bd4cac2489ce307ed99"
referrer-policy
strict-origin-when-cross-origin
server
nginx
status
200 OK
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, X-Language-Locale, X-Bot
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
c9a7e8e8baebe08d7579fb49e47cc4631fa843819fe1b1e26cec1f4c4605424b
x-runtime
0.145676
x-served-by
cache-fra-eddf8230125-FRA
x-timer
S1692874973.822970,VS0,VE2
x-xss-protection
1; mode=block

Redirect headers

accept-ranges
bytes
content-length
0
date
Thu, 24 Aug 2023 11:02:52 GMT
location
https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
retry-after
0
server
Varnish
strict-transport-security
max-age=63072000; includeSubDomains
vary
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230125-FRA
rocket-loader.min.js
therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 21 Aug 2023 16:25:27 GMT
server
cloudflare
content-encoding
gzip
etag
W/"64e38ff7-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7fbb1b037e5a03ac-FRA
expires
Sat, 26 Aug 2023 11:02:52 GMT
Inter-SemiBold.ttf
therecord.media/fonts/ 		308 KB
150 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://therecord.media/fonts/Inter-SemiBold.ttf
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-177e4cd18c8f9dd241b0e362e04454ef-6e66b26f4e958dd4-00
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000102-IAD, cache-fra-eddf8230053-FRA
last-modified
Mon, 07 Aug 2023 15:47:33 GMT
server
cloudflare
etag
W/"4d16c-189d0aea208"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b03becc03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
icomoon.ttf
therecord.media/icons/fonts/ 		5 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://therecord.media/icons/fonts/icomoon.ttf?l2zjlc
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-177e4cd18cd4dea3584aa52b0364489f-afeff677f63279f0-00
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kjyo7100149-IAD, cache-fra-eddf8230065-FRA
last-modified
Mon, 07 Aug 2023 15:47:33 GMT
server
cloudflare
etag
W/"1304-189d0aea208"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b03becd03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
Inter-Medium.ttf
therecord.media/fonts/ 		307 KB
149 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://therecord.media/fonts/Inter-Medium.ttf
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-177e4cd18cd229f5cab9e99a6e7ac839-fcba278a27be2231-00
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000051-IAD, cache-fra-eddf8230112-FRA
last-modified
Mon, 07 Aug 2023 15:47:33 GMT
server
cloudflare
etag
W/"4cd58-189d0aea208"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b03becf03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
Inter-Regular.ttf
therecord.media/fonts/ 		303 KB
140 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://therecord.media/fonts/Inter-Regular.ttf
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-177e4cd18c16bd702c64053ac205afd0-e9810e559a3d51a9-00
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000092-IAD, cache-fra-eddf8230056-FRA
last-modified
Mon, 07 Aug 2023 15:47:33 GMT
server
cloudflare
etag
W/"4ba44-189d0aea208"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b03bed103ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
Inter-ExtraBold.ttf
therecord.media/fonts/ 		309 KB
151 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://therecord.media/fonts/Inter-ExtraBold.ttf
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-177e4cd18c7c9779eb262a453fc7f37c-145b47c269ae6bf7-00
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kcgs7200106-IAD, cache-fra-eddf8230118-FRA
last-modified
Mon, 07 Aug 2023 15:47:33 GMT
server
cloudflare
etag
W/"4d52c-189d0aea208"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b03bed303ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
Inter-Bold.ttf
therecord.media/fonts/ 		309 KB
151 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://therecord.media/fonts/Inter-Bold.ttf
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://therecord.media/_next/static/css/d05ae731d129fbf9.css
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-177e4cd18ca5787bc591b43b68ae0ea8-a2b75af617fe47ee-00
x-cache
MISS, MISS
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kjyo7100134-IAD, cache-fra-eddf8230044-FRA
last-modified
Mon, 07 Aug 2023 15:47:33 GMT
server
cloudflare
etag
W/"4d2c4-189d0aea208"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b03bed403ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
_middlewareManifest.js
therecord.media/_next/static/8OjghiUWn17HqkgU7thXV/ 		92 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/8OjghiUWn17HqkgU7thXV/_middlewareManifest.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
1451400
traceresponse
00-177924c70771482f13ef3e25aa95c598-f3c6f60febb88827-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000101-IAD, cache-fra-eddf8230118-FRA
last-modified
Mon, 07 Aug 2023 15:52:41 GMT
server
cloudflare
etag
W/"5c-189d0b35784"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b040f6603ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
5698, 1
_ssgManifest.js
therecord.media/_next/static/8OjghiUWn17HqkgU7thXV/ 		99 B
273 B 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/8OjghiUWn17HqkgU7thXV/_ssgManifest.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
1451400
traceresponse
00-177924c7369f53a95061e14ebc71ee70-7235610ec9124a72-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000032-IAD, cache-fra-eddf8230116-FRA
last-modified
Mon, 07 Aug 2023 15:52:41 GMT
server
cloudflare
etag
W/"63-189d0b35784"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b041f6903ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
2, 4
_buildManifest.js
therecord.media/_next/static/8OjghiUWn17HqkgU7thXV/ 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/8OjghiUWn17HqkgU7thXV/_buildManifest.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c61f5615faf576e5dcb4d523cb1963a847b2140c77cdc39483fb8d344f1a07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
1116337
traceresponse
00-177a5584221a2e449e4ffba9bb58d620-840546d22c819be1-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kcgs7200086-IAD, cache-fra-eddf8230023-FRA
last-modified
Mon, 07 Aug 2023 15:52:41 GMT
server
cloudflare
etag
W/"4b7-189d0b35784"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b041f6c03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
8224, 1
%5B%5B...slug%5D%5D-65a9f88de2d73145.js
therecord.media/_next/static/chunks/pages/ 		71 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/chunks/pages/%5B%5B...slug%5D%5D-65a9f88de2d73145.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7dd34987dd16e75bc9d563140342927ddfa574871937f3fee35686922fa496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
500594
traceresponse
00-177c8587eaa39bd13f60c72d773b800e-1d90c1b5b80dc710-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kcgs7200159-IAD, cache-fra-eddf8230115-FRA
last-modified
Mon, 07 Aug 2023 15:52:41 GMT
server
cloudflare
etag
W/"11d81-189d0b35789"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b041f7103ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
1986, 1
660-2f98ce714a723138.js
therecord.media/_next/static/chunks/ 		965 KB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/chunks/660-2f98ce714a723138.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d59678d4894700c8b25fdc2f3e8458b35a6e22c0d99e6cb88e47416f562a3b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
3260364
traceresponse
00-1772b788d7414c0d5a73ed6e08575961-9497fdb6412e5464-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kjyo7100027-IAD, cache-fra-eddf8230118-FRA
last-modified
Thu, 13 Jul 2023 07:34:13 GMT
server
cloudflare
etag
W/"f15ba-1894e2bfd8e"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b041f7303ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
20165, 1
_app-2024e4aaf5b4a59e.js
therecord.media/_next/static/chunks/pages/ 		114 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/chunks/pages/_app-2024e4aaf5b4a59e.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
790656
traceresponse
00-177b7db886ae70bf8f44d724d67698ab-8655681715cbd76e-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kjyo7100055-IAD, cache-fra-eddf8230043-FRA
last-modified
Mon, 07 Aug 2023 15:52:41 GMT
server
cloudflare
etag
W/"1c769-189d0b35789"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b041f7403ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
5487, 1
main-a054bbf31fb90f6a.js
therecord.media/_next/static/chunks/ 		98 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
1746976
traceresponse
00-177817f41e1f10c8d7aabe4e55e546fe-49bb79394e847096-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kjyo7100095-IAD, cache-fra-eddf8230045-FRA
last-modified
Thu, 27 Jul 2023 11:48:00 GMT
server
cloudflare
etag
W/"186c8-189972d5f31"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b041f7503ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
3004, 2
framework-5f4595e5518b5600.js
therecord.media/_next/static/chunks/ 		127 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/chunks/framework-5f4595e5518b5600.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
1312992
traceresponse
00-1779a2a8a9725d962c1d11e6d58ee7f7-5626822e84ab4d84-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kcgs7200081-IAD, cache-fra-eddf8230116-FRA
last-modified
Mon, 07 Aug 2023 15:52:41 GMT
server
cloudflare
etag
W/"1fbbb-189d0b35788"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b041f7803ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
9717, 2
webpack-5752944655d749a0.js
therecord.media/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/chunks/webpack-5752944655d749a0.js
Requested by
Host: therecord.media
URL: https://therecord.media/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
3201450
traceresponse
00-1772ed1daf4ba5a5465619a0c8c7a707-ed08227a363906f5-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kjyo7100179-IAD, cache-fra-eddf8230039-FRA
last-modified
Thu, 13 Jul 2023 07:34:13 GMT
server
cloudflare
etag
W/"673-1894e2bfd96"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b041f7f03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
9156, 2
source_sans_pro_regular.latin.e8ecbdac.woff2
s-f.scribdassets.com/webpack/assets/fonts/source_sans_pro/regular/ Frame 814E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/assets/fonts/source_sans_pro/regular/source_sans_pro_regular.latin.e8ecbdac.woff2
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b310f6ca0d12500d3d264aa9cc241256f55d65dbdb782485b5bd542d8ff97a8f

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
age
1324
x-amz-server-side-encryption
AES256
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
15956
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Fri, 18 Aug 2023 21:15:24 GMT
x-timer
S1692874973.926318,VS0,VE0
etag
"9b771916b86a74a18a8bfc828256abe1"
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://de.scribd.com
accept-ranges
bytes
x-cache-hits
38
source_sans_pro_600.latin.76017e81.woff2
s-f.scribdassets.com/webpack/assets/fonts/source_sans_pro/semibold/ Frame 814E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/assets/fonts/source_sans_pro/semibold/source_sans_pro_600.latin.76017e81.woff2
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b9d5a62513a369a10224f1dc73a463dc165eb58bd798dbb4cb4810ca2b5c79f

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
age
1321
x-amz-server-side-encryption
AES256
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
15860
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Fri, 18 Aug 2023 21:15:24 GMT
x-timer
S1692874973.926632,VS0,VE0
etag
"1349b98cfec56640cdfdc2e5c2730939"
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://de.scribd.com
accept-ranges
bytes
x-cache-hits
38
icons.d2ecf18b.woff2
s-f.scribdassets.com/webpack/assets/fonts/icons/ Frame 814E 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/assets/fonts/icons/icons.d2ecf18b.woff2
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d1bb89b263061363ceb33944389da5dee8d2c2f13e98f02b898d6dc06b25b4ad

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
age
3182
x-amz-server-side-encryption
AES256
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26448
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Fri, 18 Aug 2023 21:15:23 GMT
x-timer
S1692874973.927109,VS0,VE0
etag
"023d1a1b4f8d6019b1ae1a9fa19483ac"
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://de.scribd.com
accept-ranges
bytes
x-cache-hits
86
2.98112a9266f79b96ae94.css
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		350 KB
350 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/2.98112a9266f79b96ae94.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a9871378dc909adc434b3d57c8508d10c172b76e64cb2576aae7e70a7df2cec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Wed, 23 Aug 2023 21:34:05 GMT
age
1445
x-timer
S1692874973.964236,VS0,VE0
etag
"d2609f5923228332955ebd6b7e4576ca"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
358518
x-cache-hits
2
3.0853070f54a379f202bb.css
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		16 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/3.0853070f54a379f202bb.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3d4a55ed4df5b9056b99c6997a232c5a5fdc05e2933dd82b7ef504fde87b0b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:16:55 GMT
age
3117
x-timer
S1692874973.964441,VS0,VE0
etag
"d5f9e6fefa39a8f63be4035588f92d93"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
16369
x-cache-hits
18
8.83a56fff88adc05fbed5.css
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		396 B
491 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/8.83a56fff88adc05fbed5.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8b9c2be7aac023e9135024d20bcb49c9be6be7e0289664e99f996dc56102c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:16:55 GMT
age
2997
x-timer
S1692874973.964432,VS0,VE0
etag
"7f06885322ed5d23b87dcba15e169e67"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
396
x-cache-hits
15
embeds_new.94f4e6e2be38b3832a6f.css
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		229 KB
229 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/embeds_new.94f4e6e2be38b3832a6f.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2df2b5ceefd23dd833a8b9f668ecd8825f39f67d81b723f346c9fb94e6f369e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:16:56 GMT
age
3000
x-timer
S1692874973.964929,VS0,VE2
etag
"c733431b5154f46af16e3adf7f36978c"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
234284
x-cache-hits
1
101.852f7276c1543e68c778.css
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		42 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/101.852f7276c1543e68c778.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23a48288df939d8937537687cd4e52bb4b2eaa4553b06f9c2ef94a2acc7e06d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:16:55 GMT
age
3184
x-timer
S1692874973.964865,VS0,VE0
etag
"61941df59b50b6cd88a969e2e3f6b7d0"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42888
x-cache-hits
81
exposed_to_client.js
de.scribd.com/options/ Frame 814E 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/options/exposed_to_client.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a8f17ad07341326b7000c0ddc23226484b699cda0ee4881cf2e36bc2beb57e66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:52 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 varnish
x-permitted-cross-domain-policies
none
age
20
x-cache
HIT
status
200 OK
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1092
x-xss-protection
1; mode=block
x-request-id
02144c8b66131a5f80759e826bd60d199da3be4d5beba07753cddcdd49e9f23f
x-served-by
cache-fra-eddf8230125-FRA
x-runtime
0.004768
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-timer
S1692874973.926077,VS0,VE1
etag
W/"a8f17ad07341326b7000c0ddc2322648"
x-download-options
noopen
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding, X-Language-Locale
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache
accept-ranges
bytes
x-cache-hits
1
jquery-3.3.1.min.js
s-f.scribdassets.com/javascripts/ Frame 814E 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/javascripts/jquery-3.3.1.min.js?2053571b2
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Wed, 23 Aug 2023 21:33:26 GMT
age
1442
x-timer
S1692874973.982091,VS0,VE0
etag
"a09e13ee94d51c524b7e2a728c7d4039"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
86927
x-cache-hits
11
react16.63d55263784387ae046b.dll.js
s-f.scribdassets.com/webpack/vendors/react16/ Frame 814E 		217 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/vendors/react16/react16.63d55263784387ae046b.dll.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9cd3d28d3be36021550a51ce1d85ce63cf1385383b48481981da767d6a6ba8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:15:23 GMT
age
3132
x-timer
S1692874973.981723,VS0,VE0
etag
"72745df9aa0cefa311c06142be859d23"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
221929
x-cache-hits
2
0.ef5f625ece999e95f950.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		499 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/0.ef5f625ece999e95f950.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a0a222faa2c0dabfd7dadc2fccfc6927ecd54f8836f1f260dbf1ca2700664a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Wed, 23 Aug 2023 21:34:04 GMT
age
1442
x-timer
S1692874973.981976,VS0,VE0
etag
"8c8fb7aaf4d17228cf06a10ad7584f67"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
499
x-cache-hits
10
1.c4e7bfd693ac67ed9b20.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		144 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/1.c4e7bfd693ac67ed9b20.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
079fe7f9b80f1a0d14e71a2f165e6a16755344f4967054fe40bf6789cba5e9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Mon, 21 Aug 2023 22:06:48 GMT
age
3037
x-timer
S1692874973.981831,VS0,VE0
etag
"8afe637ab712cfdbf7255c6cdeb1896c"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
147937
x-cache-hits
18
2.0b47a97b3d53a07cda43.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		913 KB
914 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/2.0b47a97b3d53a07cda43.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c737febd14f7515dc46ce2beed2deab9fb143ee07a1954c041b0f461429c1d62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Wed, 23 Aug 2023 21:34:05 GMT
age
1439
x-timer
S1692874973.981677,VS0,VE0
etag
"524c0e3393863817bab86a006f1f0ae3"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
934830
x-cache-hits
2
3.920e72e41b949d42260c.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/3.920e72e41b949d42260c.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b09b2e5b9e018d2798069d620ee771bfd95104eee8df1984232c77700a692bcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Mon, 21 Aug 2023 22:06:49 GMT
age
515
x-timer
S1692874973.981738,VS0,VE0
etag
"f8cf1a35d61a65b30784feead201b7f5"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12205
x-cache-hits
7
4.61c0dfa1daed5122d87b.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		259 KB
259 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/4.61c0dfa1daed5122d87b.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d35ac1a2897025e52f3200f8de969cba33aa793abb8986a362e121c08352821d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Wed, 23 Aug 2023 21:34:05 GMT
age
1439
x-timer
S1692874973.982079,VS0,VE0
etag
"d403a40428c5ea9b4e343a138b7cc4a0"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
265119
x-cache-hits
2
6.fe8079583f7a44b8dc00.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/6.fe8079583f7a44b8dc00.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1711fd45fb826ea701d1bc942ca2831eb5a9e65d4e12e279d772ec707fb860f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:16:55 GMT
age
3022
x-timer
S1692874973.981649,VS0,VE0
etag
"e45877c835f0726d2819a66eed342474"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1426
x-cache-hits
17
7.fca330e72108a52ebf28.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/7.fca330e72108a52ebf28.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4300940f5b84d5732f7df86d472c23961aac9ec30cfeff3e6212f0129e4a5d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:16:55 GMT
age
2405
x-timer
S1692874973.982126,VS0,VE0
etag
"b93b6321a382e5d543912befc2d31037"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2408
x-cache-hits
14
8.1f4c0e35effd819a439d.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		292 KB
292 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/8.1f4c0e35effd819a439d.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8475a0bfbe2b6af03e5c41083b793a11a56f2ff9b9a23ac0b755bc070df51d8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Wed, 23 Aug 2023 21:34:05 GMT
age
1408
x-timer
S1692874973.981973,VS0,VE2
etag
"859a124e1b42551a7d572c04223da45d"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
298750
x-cache-hits
1
9.1264a15e76a152803aca.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/9.1264a15e76a152803aca.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4a112e69921f342a5e8d4f74259c57ee27ba7c9ccfe91fd63d0eb49d9a0ada43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:16:55 GMT
age
3006
x-timer
S1692874973.981649,VS0,VE0
etag
"6354182fe61613f65eebe17f5b4c18e2"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6202
x-cache-hits
15
embeds_new.71b1a6ed627642e9c7fd.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		189 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/embeds_new.71b1a6ed627642e9c7fd.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d52a47e1f838e87de146f42142f2aeaeae8780d2f7b0cc3e923b28ab1500469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Wed, 23 Aug 2023 21:34:06 GMT
age
1396
x-timer
S1692874973.964854,VS0,VE2
etag
"7245e4cce6e39ecfb6dbd685e0b39afd"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
193459
x-cache-hits
1
101.ae19e2bd3c0efccb8e40.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		178 B
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/101.ae19e2bd3c0efccb8e40.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f05f604b5bc5827cd379943a22d56150a7d9d444b6a9b3f16cb0b4f84f15cf5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:16:55 GMT
age
3110
x-timer
S1692874973.964751,VS0,VE0
etag
"0a05d771b227cd8ad6203274c030d89f"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
178
x-cache-hits
19
nova_styles_scribd.d327e88bb945a450c712.js
s-f.scribdassets.com/webpack/monolith/ Frame 814E 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/nova_styles_scribd.d327e88bb945a450c712.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72f3d082699ac4936a2eaf44314d20f1aeb7e234088bd36f863d64a131a18ed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:52 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:16:56 GMT
age
3115
x-timer
S1692874973.964870,VS0,VE0
etag
"f7f41a6a141f16f62029938df20cc8ce"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1718
x-cache-hits
18
1-689cb80388.jpg
html.scribdassets.com/vqj3ehog0bcwnia/images/ Frame 814E 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://html.scribdassets.com/vqj3ehog0bcwnia/images/1-689cb80388.jpg
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61cc8966ac99c97a046a5ba81aa26e1b00b0dfb07003f47bc764b234ace14b5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
87KzazwBZUuSy089RjmZm.FXeTop_uPO
via
1.1 varnish, 1.1 varnish
date
Thu, 24 Aug 2023 11:02:53 GMT
x-amz-request-id
9EJ79BM6G06JVYK6
age
61327
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=173457 idim=699x904 ifmt=jpeg ofsz=50154 odim=699x904 ofmt=webp
content-disposition
inline;filename=1-689cb80388.jpg
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
50154
x-amz-id-2
gO/AMT5NbcVE5YBBMiaG2qYqyjBU3Q87wqSurhyjAfu53TFaJqVT3U5ncwnW7NTifBaZCTQw3kw=
x-served-by
cache-dfw-kdfw8210077-DFW, cache-fra-eddf8230029-FRA
server
nginx
x-timer
S1692874973.178322,VS0,VE1
etag
"acH2N+E5H4SdDKuucLivsIUAbes140M0ZX3MpGHTtwY"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
10, 1
csrf_token
de.scribd.com/ Frame 814E 		103 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/csrf_token
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/2.0b47a97b3d53a07cda43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a676aed704bd951a57a3984cc3321cfb7cbb84423e1971359b8c598cd694cf90
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-debug
XHR
x-permitted-cross-domain-policies
none
via
1.1 varnish
x-cache
MISS
status
200 OK
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-xss-protection
1; mode=block
x-request-id
938741e9bf0811dbd3cf6606144020527950405ec34a11ce0f3776af71d1583d
x-served-by
cache-fra-eddf8230055-FRA
x-runtime
0.002686
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-timer
S1692874973.252223,VS0,VE139
etag
W/"a676aed704bd951a57a3984cc3321cfb"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, X-Language-Locale
content-type
application/json; charset=utf-8
access-control-allow-origin
https://de.scribd.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
csrf_token
de.scribd.com/ Frame 814E 		103 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/csrf_token
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/2.0b47a97b3d53a07cda43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
afd5e3f132027bd508d1e1b1dc588201361d0b5d6e506f4dd505cda95df7773e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-debug
XHR
x-permitted-cross-domain-policies
none
via
1.1 varnish
x-cache
MISS
status
200 OK
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-xss-protection
1; mode=block
x-request-id
1ccc2f255b7b21f6402ac8ebc5aaca4fb0e20e3e9b8b54ac09dc8413768f8eeb
x-served-by
cache-fra-eddf8230055-FRA
x-runtime
0.004297
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-timer
S1692874973.290226,VS0,VE120
etag
W/"afd5e3f132027bd508d1e1b1dc588201"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, X-Language-Locale
content-type
application/json; charset=utf-8
access-control-allow-origin
https://de.scribd.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bundle.min.js
browser.sentry-cdn.com/7.19.0/ Frame 814E 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/7.19.0/bundle.min.js
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/embeds_new.71b1a6ed627642e9c7fd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1dbf4a2619ad865a2bd677ca5f72b04141d33349241188e7815876c338414d70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Nov 2022 15:50:35 GMT
server
Fastly
age
24691360
etag
"991179f6b28b6971d59ce6e652d0432a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18844
expires
Sat, 11 Nov 2023 16:20:13 GMT
events
wa.scribd.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de.scribd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://de.scribd.com
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
date
Thu, 24 Aug 2023 11:02:53 GMT
server
envoy
strict-transport-security
max-age=31536000
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-envoy-upstream-service-time
1
x-served-by
cache-fra-eddf8230074-FRA
sdk.js
connect.facebook.net/en_US/ Frame 814E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/3.920e72e41b949d42260c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14b00febe987d71958faca829545db59a11090c9e5dde8e5140a24418de55f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 11:02:53 GMT
content-md5
Q+9nQPGGIafJlzXhXrKHBg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-debug
W2D5fazmSF6+7p0EzeXCrUQKX0cFPP7bWu/CzIukgwBiaT+PNf5JP9XHOu3z2DtTCbGVrzRJp71t/KUIUE3cyQ==
x-fb-content-md5
e5c41aed7390da73acbc36d51bc8c758
cross-origin-opener-policy
same-origin-allow-popups
etag
"ebbb0da1e4de3ab5a740bab8e0120959"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 24 Aug 2023 11:22:40 GMT
4-27bd7739df.jsonp
html.scribdassets.com/vqj3ehog0bcwnia/pages/ Frame 814E 		377 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://html.scribdassets.com/vqj3ehog0bcwnia/pages/4-27bd7739df.jsonp
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5585d6425d2cf3e7f0518aec3259524fa12f776d368f7c61dbcd542d397a857e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
QxfAweJ1wxoj8g6ng5xIz.sbahTHxDzz
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 24 Aug 2023 11:02:53 GMT
x-amz-request-id
9EJET6J0QGH0AGPM
age
61327
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-disposition
inline;filename=4-27bd7739df.jsonp
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
275
x-amz-id-2
5Ojivzv6NFEPQYWQSFbWBzv2gAgaipcpAwRet2crdZp2DPk102Ze4vxPRggupEhwBuxZLkWaRDQ=
x-served-by
cache-dfw-kdfw8210055-DFW, cache-fra-eddf8230029-FRA
last-modified
Wed, 23 Aug 2023 17:09:04 GMT
server
nginx
x-timer
S1692874973.374166,VS0,VE1
etag
"88dc45c6e66399396abccda45e36f8d6"
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
11, 1
scribd_logo_horiz_small.svg
s-f.scribdassets.com/images/ Frame 814E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-f.scribdassets.com/images/scribd_logo_horiz_small.svg
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/embeds_new.94f4e6e2be38b3832a6f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce26ce80e2600bac966a056baf7f56e2846350d5d3674d8a2a01adfc4700c329

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s-f.scribdassets.com/webpack/monolith/embeds_new.94f4e6e2be38b3832a6f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Thu, 24 Aug 2023 11:02:53 GMT
via
1.1 varnish
last-modified
Fri, 18 Aug 2023 21:15:42 GMT
age
2983
x-timer
S1692874973.386360,VS0,VE0
etag
"326b393f5f4aeebdd2fe7b1944708277"
x-amz-server-side-encryption
AES256
x-cache
HIT
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3010
x-cache-hits
8
events
wa.scribd.com/api/v1/ Frame 814E 		40 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/2.0b47a97b3d53a07cda43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
97d5aa458ae622677dbd0e091aca9796aba8b99ce226aa081b8f518390e23c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://de.scribd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230055-FRA
date
Thu, 24 Aug 2023 11:02:53 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
server
envoy
vary
Origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://de.scribd.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
40
x-cache-hits
0
events
wa.scribd.com/api/v1/ Frame 814E 		40 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/2.0b47a97b3d53a07cda43.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
97d5aa458ae622677dbd0e091aca9796aba8b99ce226aa081b8f518390e23c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://de.scribd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230055-FRA
date
Thu, 24 Aug 2023 11:02:53 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
server
envoy
vary
Origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://de.scribd.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
40
x-cache-hits
0
events
wa.scribd.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de.scribd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://de.scribd.com
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
date
Thu, 24 Aug 2023 11:02:53 GMT
server
envoy
strict-transport-security
max-age=31536000
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-envoy-upstream-service-time
0
x-served-by
cache-fra-eddf8230074-FRA
location
de.scribd.com/login/ Frame 814E 		98 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/login/location
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/javascripts/jquery-3.3.1.min.js?2053571b2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bae3305d5151d595126e6dc587caf9a0b5d9b118789e5466674d44ead9799a9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://de.scribd.com/embeds/666818521/content?start_page=1&view_mode=scroll&access_key=key-Sq3XJxwIzNofF2hWP3Mv
X-Requested-With
XMLHttpRequest
X-Tried-CSRF
1
accept-language
de-DE,de;q=0.9
X-CSRF-Failed
3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 11:02:53 GMT
x-debug
XHR
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 varnish
x-cache
MISS
status
200 OK
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-xss-protection
1; mode=block
x-request-id
78e3245003395a7bb6def15b39040557d091cca844236f1bb17d3f2898da8c80
x-served-by
cache-fra-eddf8230055-FRA
x-runtime
0.006162
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-timer
S1692874973.471501,VS0,VE143
etag
W/"bae3305d5151d595126e6dc587caf9a0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, X-Language-Locale
content-type
application/json; charset=utf-8
cache-control
private, no-store
accept-ranges
bytes
x-cache-hits
0
rewriteframes.min.js
browser.sentry-cdn.com/7.19.0/ Frame 814E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/7.19.0/rewriteframes.min.js
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/embeds_new.71b1a6ed627642e9c7fd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f6d1c4aa4948cbb16037959abb65de33038714d3c1fcf977d90eb02a8e50814b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Nov 2022 15:50:35 GMT
server
Fastly
age
6560785
etag
"53c740a2171f2626aa4596a10cf7411e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1141
expires
Sat, 08 Jun 2024 12:36:27 GMT
sdk.js
connect.facebook.net/en_US/ Frame 814E 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=007cc5f1724a96dd30eaa66f4eed0e82
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
522c4e6492b687b190d93dbbd87e064351d018ca584808a65d614eae19eb2bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 11:02:54 GMT
content-md5
n0cDVWtXFL4SNgwE6+iu9w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88828
x-fb-debug
ieOLFoMFLbNmZ252POiT2bT7dp4okSko1t6YZg0TTRz6RZltokL9N3Y0FZ4VhJBmi2PzyIgfeXGTX6izbMbDyA==
x-fb-content-md5
dc277f6f7883841e6b7177f754aeb047
cross-origin-opener-policy
same-origin-allow-popups
etag
"f52f137a228c9b22263318fa59fa1bef"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 23 Aug 2024 09:49:06 GMT
/
sentry.io/api/282187/envelope/ Frame 814E 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/282187/envelope/?sentry_key=21588782029b459685064c03453673ff&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.19.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://de.scribd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.io/api/282187/envelope/ Frame 814E 		2 B
60 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/282187/envelope/?sentry_key=21588782029b459685064c03453673ff&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.19.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://de.scribd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
/
sentry.io/api/282187/envelope/ Frame 814E 		198 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/282187/envelope/?sentry_key=21588782029b459685064c03453673ff&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.19.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://de.scribd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 24 Aug 2023 11:02:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-sentry-rate-limits
18:default;error;security:key:key_quota
retry-after
18
status
www.facebook.com/x/oauth/ Frame 814E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Ftherecord.media&client_id=136494494209&input_token&origin=1&redirect_uri=https%3A%2F%2Fde.scribd.com%2Fembeds%2F666818521%2Fcontent%3Fstart_page%3D1%26view_mode%3Dscroll%26access_key%3Dkey-Sq3XJxwIzNofF2hWP3Mv&sdk=joey&wants_cookie_data=true
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.19.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 24 Aug 2023 11:02:54 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
xKlKvf4/2rUQTw5XgIAryRJrF7KTiawrm+AC63rn1/doVIf3xr+K6CkaZdn9q/dCVZvO9fjagZIxR/HHe/OZfw==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://de.scribd.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5490b7bdcb3f09e2af0ad9c832d2c2168ad0a2b59f9af5b550137cb949eede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62467
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Aug 2023 11:02:54 GMT
matomo.js
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 		199 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 06:03:01 GMT
x-amz-version-id
T3VVylcW4ZUVSABprJtJmBafSdXY4jAi
content-encoding
gzip
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
17994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 07 Feb 2023 02:15:06 GMT
server
AmazonS3
etag
W/"3e98a39e2d8f2b464999b40df3c2172d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200
x-amz-cf-id
zHrcweOVdElyewG9xLf3ACKPhskEFrLlc7VqNPNUGOsdq0Am0XSbRw==
container_41sBJe2I.js
cdn.matomo.cloud/recordedfuture.matomo.cloud/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/recordedfuture.matomo.cloud/container_41sBJe2I.js
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7800:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 06:21:17 GMT
x-amz-version-id
Xp.qiLs.ZhMcRdIRto4WxBiX5kNGHcfO
content-encoding
gzip
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
16897
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 17 Apr 2023 04:07:33 GMT
server
AmazonS3
etag
W/"839ec9cd752c4e512960109f6ac6b404"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200
x-amz-cf-id
w1iv6m6DlJHOAI3keOtaSjYJcKGxpbN9cf2ywpUtF9GyrARXp5XA2Q==
articles
cms.therecord.media/api/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=3453&filters[date][$lte]=2023-08-23T17%3A40%3A00.000Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2023-08-24T11%3A02%3A54%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2023-08-24T11%3A02%3A54%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Adesc
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/660-2f98ce714a723138.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Strapi <strapi.io>
Resource Hash
6361d4ca5755da11baea60a0b2505efd61cc5cac97ea72f6fc09a75555236a78
Security Headers
Name Value
Content-Security-Policy img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://therecord.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
content-security-policy
img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-encoding
br
traceresponse
00-177e4cd1f6dbf4fe27355a00a2c025ed-cb365d11562b4e86-00
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
x-platform-processor
yzs7ggztuurocnodlgeyqu6sde
referrer-policy
no-referrer
server
cloudflare
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://therecord.media
x-download-options
noopen
x-debug-info
eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials
true
x-platform-cluster
r6uchqjqwmfqi-production-vohbr3y
cf-ray
7fbb1b0dad1a6915-FRA
x-platform-router
qk5ll65emgqnxbcwb6fko7g64m
articles
cms.therecord.media/api/ 		22 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.therecord.media/api/articles?populate[0]=categories&populate[1]=categories.page&populate[2]=editor&populate[3]=editor.page&populate[4]=image&populate[5]=image.desktop&populate[6]=image.tablet&populate[7]=image.mobile&populate[8]=tags&populate[9]=tags.page&populate[10]=page&filters[id][$ne]=3453&filters[date][$gte]=2023-08-23T17%3A40%3A00.000Z&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2023-08-24T11%3A02%3A54%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2023-08-24T11%3A02%3A54%2B00%3A00&pagination%5BpageSize%5D=1&sort%5B0%5D=date%3Aasc
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/660-2f98ce714a723138.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Strapi <strapi.io>
Resource Hash
34b064bc22045cb382405207509aa00b699f8904d496f5d75605f5dd9c89d93f
Security Headers
Name Value
Content-Security-Policy img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://therecord.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
content-security-policy
img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-encoding
br
traceresponse
00-177e4cd1f6ef4db1c02cbdaa9410eefb-a60a1e8c9c9cc781-00
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
x-platform-processor
yzs7ggztuurocnodlgeyqu6sde
referrer-policy
no-referrer
server
cloudflare
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://therecord.media
x-download-options
noopen
x-debug-info
eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials
true
x-platform-cluster
r6uchqjqwmfqi-production-vohbr3y
cf-ray
7fbb1b0dad1e6915-FRA
x-platform-router
qk5ll65emgqnxbcwb6fko7g64m
articles
cms.therecord.media/api/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.therecord.media/api/articles?fields[0]=title&fields[1]=date&fields[2]=publishedAt&filters[isBrief][$eq]=true&filters[page][id][$notNull]=true&filters[page][publishedAt][$notNull]=true&filters[$and][0][$or][0][showFrom][$null]=true&filters[$and][0][$or][1][showFrom][$lte]=2023-08-24T11%3A02%3A54%2B00%3A00&filters[$and][1][$or][0][listingShowFrom][$null]=true&filters[$and][1][$or][1][listingShowFrom][$lte]=2023-08-24T11%3A02%3A54%2B00%3A00&populate[page][fields][0]=slug&sort[0]=date%3Adesc&pagination[limit]=9
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/660-2f98ce714a723138.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Strapi <strapi.io>
Resource Hash
ff343d0b208c9edddd590cb86136579d48b7dad0660ef2f64281ebda39d660d9
Security Headers
Name Value
Content-Security-Policy img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://therecord.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
content-security-policy
img-src * data: blob: https://market-assets.strapi.io;connect-src 'self' https:;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-encoding
br
traceresponse
00-177e4cd1eaf0b14319a6ddd517b9b8fb-e73921fb226b3b5d-00
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
x-platform-processor
yzs7ggztuurocnodlgeyqu6sde
referrer-policy
no-referrer
server
cloudflare
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://therecord.media
x-download-options
noopen
x-debug-info
eyJyZXRyaWVzIjowfQ==
access-control-allow-credentials
true
x-platform-cluster
r6uchqjqwmfqi-production-vohbr3y
cf-ray
7fbb1b0dad1f6915-FRA
x-platform-router
qk5ll65emgqnxbcwb6fko7g64m
research
www.recordedfuture.com/feed/ 		531 KB
153 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.recordedfuture.com/feed/research
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/660-2f98ce714a723138.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d9178fc9b6f97f7fccee4baa65c3cd25b1a8cc5d6d5780efeb7968f9f32f26d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/rss+xml
Referer
https://therecord.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-platform-server
i-72f68d9e5fc844fb8d11227fc18ff9f4, i-72f68d9e5fc844fb8d11227fc18ff9f4
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
1387
traceresponse
00-177e4b8eafd98346a8a2bd3bec960541-472cc90b30dd7550-00
x-cache
HIT
foo
bar
content-length
156459
x-served-by
cache-ams21062-AMS
server
cloudflare
vary
Accept-Encoding
content-type
text/xml
access-control-allow-origin
*
x-debug-info
eyJyZXRyaWVzIjowfQ==
accept-ranges
bytes
cf-ray
7fbb1b0ddbe22685-TXL
x-cache-hits
1
government.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/government.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211f58ad68b988642c5226dc1ef813eb1dc34f4949559ee839be6b894a22a401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
35
traceresponse
00-177e2d9df5d5570abcde74404d8a4d7c-93d95592afce4d8f-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kjyo7100085-IAD, cache-fra-eddf8230039-FRA
server
cloudflare
etag
W/"1c5e-M8FAHkwdPZtxOujvpFTwhZ2b4t8"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dadf503ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
180, 1
news.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/news.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7023986e7a9d6fdb7fc515630541d9be6bd7bbef47389c1f14bd83eecac0b040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
11
traceresponse
00-177e4b972eb9fd7102ccd3218697c410-da9c67f3587cdb1b-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000035-IAD, cache-fra-eddf8230118-FRA
server
cloudflare
etag
W/"1c3e-fy6DEwy6p9QOo/+4MvIFCX1jpnY"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dadf803ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
39, 1
subscribe.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/subscribe.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
095f8f076fd57fd6f6192956a6b4248bdd758e9fbb0435270a735b0797081235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
26
traceresponse
00-177e35feb927471e99033b53034e7f05-1f07c581213cdfad-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kcgs7200030-IAD, cache-fra-eddf8230118-FRA
server
cloudflare
etag
W/"1f1e-ONJFj8yCCaj9y/AFBFMXU9kPCFA"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dadf903ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
52, 1
contact.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/contact.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556df5f008942a56a86bdebc03321b47480063fe98b99cb327366c5256d6dee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
26
traceresponse
00-177e2bd31753777e9fae28aea4dbd85f-c426cabbffa82808-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000142-IAD, cache-fra-eddf8230023-FRA
server
cloudflare
etag
W/"2157-cHleDi9tx37jlf4cQp0SwYXv2Sk"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dadfa03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
2, 1
podcast.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/ 		149 KB
31 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/podcast.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fe8a03c997dec3ecfd2e02fe7e9f6770011a4c8e9ea3efd668199286e57dd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
58
traceresponse
00-177e3c2e38df4f118dca0bed50ba2753-acd352ca02d03565-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000040-IAD, cache-fra-eddf8230043-FRA
server
cloudflare
etag
W/"25410-YfaHXupxy+0yGR7PmMUSlbdXeXU"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dadfc03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
607, 1
about.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/ 		41 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/about.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf0a9a1a36e4b44c5559a8dbe24d0682a9a6b1510eec7736ce87d6b211f301c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
26
traceresponse
00-177e3cd898d6d6c50891c723e984c3c0-e60ef1ac386b7211-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kcgs7200074-IAD, cache-fra-eddf8230116-FRA
server
cloudflare
etag
W/"a46b-GRrTs76YEF7c5KdbC+BpVJfobpQ"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dadfd03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
496, 1
technology.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/technology.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3be05a5ae65c9f1503ea8c0fde247c5eab10e5958f789c89a87445330b22c62e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
26
traceresponse
00-177e3fdc011a08eab77fd6b12e374e95-a0339f588f7a43f1-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kcgs7200068-IAD, cache-fra-eddf8230065-FRA
server
cloudflare
etag
W/"1c59-EZ3ok0TsvM/ai5K93qrj7g2+WDM"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dadff03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
114, 1
people.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/people.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd00743c85dd2aa113bdf3ede6fb1e37f6950c3f7b436c01fa9dea55d454186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
26
traceresponse
00-177e2bd3182f789a38bf4008fe7d712e-53b771ff072f5650-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000161-IAD, cache-fra-eddf8230045-FRA
server
cloudflare
etag
W/"1c45-f644676Tk1KfsMkoF/xGfxieMaE"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dae0103ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
2, 306
nation-state.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/nation-state.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995d8d7f5fead6ae54991a8d6efe58bef201d6e9120245253bb68e6aa3ac860c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
26
traceresponse
00-177e2bd3176c2b43b931da7172d1d893-be90a026127e8a3e-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kjyo7100129-IAD, cache-fra-eddf8230118-FRA
server
cloudflare
etag
W/"1c62-h33Ds466qf6RkibgcJKrLOw+JXM"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dae0203ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
2, 1
cybercrime.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/cybercrime.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f08a382033989fb9a71da27e0fe90fec75944b71dd6d567dc803138b935fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
58
traceresponse
00-177e35feba8afb4ff0ddcb1cd1e42b0e-bc47f712eb797270-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kcgs7200170-IAD, cache-fra-eddf8230053-FRA
server
cloudflare
etag
W/"1c59-kwRNrCraUZH093BCS3fucuAvYEw"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dae0303ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
96, 1
leadership.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/news/leadership.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fdfd82672c8467fa37b98ac9080627b3fec34428876b4f587168b73189bf532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
58
traceresponse
00-177e1f7a1bc5e26259dcc6de54bbcb86-20061015d3d9c603-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kjyo7100145-IAD, cache-fra-eddf8230112-FRA
server
cloudflare
etag
W/"1c59-FB2aIXlZBT0OGJpMjycInUcGnf8"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dce4203ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
4, 1
index.json
therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/ 		52 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/data/8OjghiUWn17HqkgU7thXV/index.json
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60166a8b139130d25fff588b408fd484be1d66f2892980ebada3fabbc100a22d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
40
traceresponse
00-177e35feba8a32f0ed30d25ed7f22385-af509a86ed53ff62-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
x-served-by
cache-iad-kiad7000151-IAD, cache-fra-eddf8230044-FRA
server
cloudflare
etag
W/"d189-iWZZVOGBN/H743SpKClog5rZzNI"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
application/json
cache-control
s-maxage=60, stale-while-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
cf-ray
7fbb1b0dce4403ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
158, 1
matomo.php
recordedfuture.matomo.cloud/ 		0
167 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://recordedfuture.matomo.cloud/matomo.php?action_name=therecord.media%2FUS%20arrests%20Tornado%20Cash%20co-founder%2C%20sanctions%20another%20who%20remains%20at%20large&idsite=2&rec=1&r=666321&h=13&m=2&s=54&url=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&_id=b97c3b3baae9265f&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=qjSQyw&fa_pv=1&fa_fp[0][fa_vid]=UmDr4m&fa_fp[0][fa_fv]=1&pf_net=117&pf_srv=265&pf_tfr=40&pf_dm1=40&pf_dm2=1468&pf_onl=2&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://therecord.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://therecord.media
date
Thu, 24 Aug 2023 11:02:54 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
64dc3ec5-330c-4652-88d3-147ee65e90ba.js
j.6sc.co/j/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-58.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
XiK7k1K4G4_9UcBg2.S65sIFd54SfIcU
content-encoding
gzip
date
Thu, 24 Aug 2023 11:02:54 GMT
x-amz-cf-pop
SOF50-P2
x-amz-server-side-encryption
AES256
x-amz-meta-content-type
application/json
content-length
1176
pragma
no-cache
last-modified
Fri, 31 Mar 2023 18:59:38 GMT
server
AmazonS3
etag
"29e881d3528b8d3d0ef42c057d73a114"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
x-amz-cf-id
5FuC3HwIMgUryfGfo8mlTE_L83FAXZDMMoTugBRkSCeSWmKA2I6lPA==
expires
Thu, 24 Aug 2023 11:02:54 GMT
6si.min.js
j.6sc.co/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: therecord.media
URL: https://therecord.media/us-arrests-tornado-cash-cofounder
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-58.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ae3536ecd79c98f87387cee9060be3053e0eb8fe0871e7336554812ef8138772
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 11:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jul 2023 16:27:10 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"64b9605e-bf6f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
14190
expires
Thu, 24 Aug 2023 11:02:54 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81bd25754c1ed6347b268c6dc007abeb27b10bb85a09a64e0e5eeb643615a029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90380
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 24 Aug 2023 11:02:54 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 09:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4391
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 24 Aug 2023 11:49:43 GMT
252628.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/252628.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVJ5W86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90bc53fc61c1b23241f570e6e9811ea0d2422e65c26308330f5e1e720f87245
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
82e09160-60d0-4656-83b1-f58890d63652
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
82e09160-60d0-4656-83b1-f58890d63652
last-modified
Thu, 24 Aug 2023 11:00:49 GMT
server
cloudflare
x-trace
2BE4727C8CEFC18E9E47216F0824EB45A2EFDD408E000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://therecord.media
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-5r95m
cf-ray
7fbb1b0e082cbb7d-FRA
expires
Thu, 24 Aug 2023 11:03:54 GMT
configs.php
recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/ 		116 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recordedfuture.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=2&trackerid=8lqoQA&url=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/recordedfuture.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7d29c83f1b3e4937ac5f5449de6e6bf644386979fb53255dc4396dc9bf9e0d40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
content-encoding
gzip
server
Apache
content-length
119
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type
application/javascript
ef46db3751d8e999.css
therecord.media/_next/static/css/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://therecord.media/_next/static/css/ef46db3751d8e999.css
Requested by
Host: therecord.media
URL: https://therecord.media/_next/static/chunks/main-a054bbf31fb90f6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
586554
traceresponse
00-177c375a43ce99ddbed2429697229326-5d90fcd8a3b6a7df-00
x-cache
HIT, HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
content-length
0
x-served-by
cache-iad-kcgs7200091-IAD, cache-fra-eddf8230056-FRA
last-modified
Mon, 07 Aug 2023 15:52:41 GMT
server
cloudflare
etag
W/"0-189d0b3578c"
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
accept-ranges
bytes
cf-ray
7fbb1b0dee9203ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
6855, 2
events
wa.scribd.com/api/v1/ Frame 814E 		40 B
287 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.19.0/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.66.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
97d5aa458ae622677dbd0e091aca9796aba8b99ce226aa081b8f518390e23c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://de.scribd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-fra-eddf8230055-FRA
date
Thu, 24 Aug 2023 11:02:54 GMT
via
1.1 varnish
strict-transport-security
max-age=31536000
server
envoy
vary
Origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://de.scribd.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
40
x-cache-hits
0
events
wa.scribd.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://de.scribd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://de.scribd.com
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
date
Thu, 24 Aug 2023 11:02:54 GMT
server
envoy
strict-transport-security
max-age=31536000
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-envoy-upstream-service-time
1
x-served-by
cache-fra-eddf8230074-FRA
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EYNZBT8ZP2&gtm=45je38l0&_p=2068866620&_gaz=1&cid=739710162.1692874974&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692874974&sct=1&seg=0&dl=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&dt=US%20arrests%20Tornado%20Cash%20co-founder%2C%20sanctions%20another%20who%20remains%20at%20large&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 11:02:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://therecord.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EYNZBT8ZP2&cid=739710162.1692874974&gtm=45je38l0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYNZBT8ZP2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 11:02:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://therecord.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EYNZBT8ZP2&cid=739710162.1692874974&gtm=45je38l0&aip=1&z=890872004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 11:02:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2068866620&t=pageview&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&ul=en-us&de=UTF-8&dt=US%20arrests%20Tornado%20Cash%20co-founder%2C%20sanctions%20another%20who%20remains%20at%20large&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1902830825&gjid=1756418385&cid=739710162.1692874974&tid=UA-9153858-16&_gid=1072151239.1692874975&_r=1&_slc=1&gtm=45He38l0n81PVJ5W86&z=1685282221
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c6421f609cd61551ff948070601ddc54727d75ed1d42b77a65f349438ceab3c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://therecord.media/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 11:02:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://therecord.media
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
6si.min.js
j.6sc.co/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/j/64dc3ec5-330c-4652-88d3-147ee65e90ba.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-58.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ae3536ecd79c98f87387cee9060be3053e0eb8fe0871e7336554812ef8138772
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 11:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jul 2023 16:27:10 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"64b9605e-bf6f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
14190
expires
Thu, 24 Aug 2023 11:02:54 GMT
getuidj
secure.adnxs.com/ 		11 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 11:02:54 GMT
an-x-request-uuid
94994cea-bbfa-4c3c-bcb0-323b427777ee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://therecord.media
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.22; 217.114.218.22; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/ 		7 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-58.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://therecord.media
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/ 		23 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3d61e5b665b285b1cafc83ca925d6e4155a665cbdab72e0cebbd2208a68c422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 11:02:54 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://therecord.media
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2001:1b60:2:240:3247::4
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692874974602_388391900_588163869_24_1317_32_65_219";dur=1
content-length
23
expires
Thu, 24 Aug 2023 11:02:54 GMT
js
www.googletagmanager.com/gtag/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F540L9EG7D&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
/
c.6sc.co/ 		7 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-58.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://therecord.media
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/ 		23 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3d61e5b665b285b1cafc83ca925d6e4155a665cbdab72e0cebbd2208a68c422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 11:02:54 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://therecord.media
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2001:1b60:2:240:3247::4
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692874974667_388391900_588163870_24_1311_32_65_219";dur=1
content-length
23
expires
Thu, 24 Aug 2023 11:02:54 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/gif
image
therecord.media/_next/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://therecord.media/_next/image?url=https%3A%2F%2Fcms.recordedfuture.com%2Fuploads%2Fh1_2023_ransomwares_pivot_to_linux_and_vulnerable_drivers_main_e280d62aa6.jpg&w=1920&q=75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:20b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e06526639decf1b7c4ecd5d47cf1727d87c0bd9fec5624385860908e7caf4d
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/us-arrests-tornado-cash-cofounder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
0
traceresponse
00-177e4cd1fe047e8e6519d4ec45b57287-dc9f3871fffc7dbd-00
x-cache
MISS, MISS
x-nextjs-cache
HIT
x-platform-processor
xgztqld4evaw2suiwyeszt2fga
content-disposition
inline; filename="h1_2023_ransomwares_pivot_to_linux_and_vulnerable_drivers_main_e280d62aa6.webp"
content-length
193304
x-served-by
cache-iad-kjyo7100024-IAD, cache-fra-eddf8230039-FRA
server
cloudflare
etag
GeBlJmOd7PG3xOzV1Hzxcn2HwL2f7FYkOFhgkI58r00=
x-platform-cluster
6l7w2dvltmj6g-production-vohbr3y
vary
Accept
content-type
image/webp
cache-control
public, max-age=0, must-revalidate
x-debug-info
eyJyZXRyaWVzIjowfQ==
permissions-policy
geolocation=(self "https://*.recordedfuture.com/")
accept-ranges
bytes
cf-ray
7fbb1b0faabc03ac-FRA
x-platform-router
pzzg6kk2mvryq2jfoxqht4lu3u
x-cache-hits
0, 0
252628.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/252628.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
x-amz-version-id
1DTjZqz8w6c0vLd7dsrtWpmr4CMJx9XZ
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
W7QDT57KD2YMEK9P
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
5ee17a43-bb03-4ed4-a023-42a58a1c8449
age
45
x-envoy-upstream-service-time
75
x-amz-id-2
+NpTSXKp/TAMP+8pLjpf410obC+VmXx5gDc0KraZUH+RBJZ6wWzgbKBO4MlvLo2AXMyehr2iqqo=
x-evy-trace-listener
listener_https
x-request-id
5ee17a43-bb03-4ed4-a023-42a58a1c8449
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 17 Apr 2023 14:55:34 GMT
server
cloudflare
etag
W/"07022bb1d6cfa926ffae0fefc0ebffb7"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://therecord.media
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7fbb1b0fedd3692b-FRA
expires
Thu, 24 Aug 2023 11:07:09 GMT
leadflows.js
js.hsleadflows.net/ 		540 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4679 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ea6b1e986879257e104371bf5f0cb0bf2bb9957a1aa73fa9df8be99aeeb157
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://therecord.media/
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-encoding
br
age
4969
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1232/bundle/main/lead-flows-release.js&cfRay=7fbaa1bd99011e4f-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"039461df2d1d43031520c7d3a853f79e"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1232/bundle/main/lead-flows-release.js
date
Thu, 24 Aug 2023 11:02:54 GMT
x-amz-version-id
RIqU3aMZg9szNHjfbC8NSxVkuKgO4.TB
via
1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
3e42afc7-3378-48f7-900e-6c28c0e8deb1
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-request-id
3e42afc7-3378-48f7-900e-6c28c0e8deb1
last-modified
Thu, 03 Aug 2023 01:17:49 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-v9tfr
cf-ray
7fbb1b0ff9b89034-FRA
x-amz-cf-id
JKjHueD1UU8EMIN0N41UcRzXmjcwoAH4UaTpMPRpyKke-BupQrF5iw==
252628.js
js.hs-analytics.net/analytics/1692874800000/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1692874800000/252628.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7641 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bc32c343d38d8fa1f003f6334ecfafbcd215f829dbf8af9456dab7e0b4de6f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:55 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
JGRAVNK66P58J0TX
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
43ca9c02-d50d-430e-99a9-3945326110e8
x-envoy-upstream-service-time
20
x-amz-id-2
qnGwlxlPmrczBUHl8w6xG4NVDA1sNFkv6OYnZA8VGzNeUBIgHQThcTj/BUniS7XE5ZlSK6mqHCY=
x-evy-trace-listener
listener_https
x-request-id
43ca9c02-d50d-430e-99a9-3945326110e8
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 14 Aug 2023 15:25:53 GMT
server
cloudflare
etag
W/"b95294fe652ca791b49be98767de003d"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-wrchw
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7fbb1b0fe944368c-FRA
expires
Thu, 24 Aug 2023 11:07:55 GMT
web-interactives-embed.js
js.hubspot.com/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/252628.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e3943c6d2d808f1ec811588ba8fa1b36ce3e3293c723582ae0c1c8820995a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://therecord.media/
Origin
https://therecord.media
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-encoding
br
age
413
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.443/bundles/project.js&cfRay=7fbb10f7a99d911f-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"9c1b36d27e87bdc966683b37987e4641"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.443/bundles/project.js
date
Thu, 24 Aug 2023 11:02:54 GMT
x-amz-version-id
S5kTiYVg2qO0fD3wSMvxzGwc82mXSIcx
via
1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
c921554a-1284-40bc-8735-b5e215a60c89
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
c921554a-1284-40bc-8735-b5e215a60c89
last-modified
Wed, 23 Aug 2023 02:34:03 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yUIMKElgn101RKX8APKwbtxzmx7XSDnP0hl8W8YtqKMJWDHC4SNu6%2FrjYU2v1M%2Fk6hBkuE3UPMHXfVF%2BRorfVaYyEbo4IWGh11MB6pm0VTi0CNUaq1KoR8g62jIAoBAETiapwfFaSM6b1Lx"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-4skbg
cf-ray
7fbb1b0fff5d9180-FRA
x-amz-cf-id
2h1SQTZGhamsWkxVvkWPYeTiw9RxHfUW7o6EZMO869YH8B8Wqswzhg==
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=87a94efc-25a4-443d-880f-dc34b3ca59f5&session=31e182d8-07d9-485a-8ad1-077c2f6a4693&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22edabaa1866fe08952dde1be9ff37302d63145f08%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22f2675e8089b7d209a58fce8ad312f51c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2247c555096cc32557d3e6e7a333d7cb3ea692cee1%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%2264dc3ec5-330c-4652-88d3-147ee65e90ba%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Department%20of%20Justice%20unsealed%20an%20indictment%20against%20two%20founders%20of%20Tornado%20Cash%2C%20a%20cryptocurrency%20mixer%20that%20was%20accused%20of%20helping%20North%20Korean%20hackers%20launder%20hundreds%20of%20millions%20of%20dollars%20in%20stolen%20funds.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20arrests%20Tornado%20Cash%20co-founder%2C%20sanctions%20another%20who%20remains%20at%20large%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&pageViewId=6cee2807-35d0-4755-8aef-8e31b491a7d5&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-58.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
details
epsilon.6sense.com/v3/company/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.216.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-216-40.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://therecord.media
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://therecord.media
access-control-max-age
1800
date
Thu, 24 Aug 2023 11:02:54 GMT
server
nginx
details
epsilon.6sense.com/v3/company/ 		770 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.216.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-216-40.compute-1.amazonaws.com
Software
nginx /
Resource Hash
79a43dc611e7ba056eb02ab9d9d8af46eb97b030730cfcee83a42b550f7234db

Request headers

Referer
https://therecord.media/
accept-language
de-DE,de;q=0.9
Authorization
Token 47c555096cc32557d3e6e7a333d7cb3ea692cee1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
X-6s-CustomID
WebTag 64dc3ec5-330c-4652-88d3-147ee65e90ba

Response headers

date
Thu, 24 Aug 2023 11:02:55 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://therecord.media
access-control-allow-credentials
true
content-length
409
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=87a94efc-25a4-443d-880f-dc34b3ca59f5&session=31e182d8-07d9-485a-8ad1-077c2f6a4693&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A2%3A240%3A3247%3A%3A4%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Department%20of%20Justice%20unsealed%20an%20indictment%20against%20two%20founders%20of%20Tornado%20Cash%2C%20a%20cryptocurrency%20mixer%20that%20was%20accused%20of%20helping%20North%20Korean%20hackers%20launder%20hundreds%20of%20millions%20of%20dollars%20in%20stolen%20funds.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20arrests%20Tornado%20Cash%20co-founder%2C%20sanctions%20another%20who%20remains%20at%20large%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&pageViewId=6cee2807-35d0-4755-8aef-8e31b491a7d5&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-58.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 		136 B
993 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=252628&currentUrl=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0268b589d424a686ee986465b7917ac6c852be4fd6908331002878205beee576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9487fb1a-1694-465d-beb8-8f9821dbb2b1
content-encoding
br
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9487fb1a-1694-465d-beb8-8f9821dbb2b1
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://therecord.media
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8vzqMvfWu8gbyyAOEWk9afv7Eh8o%2F9zthwHXJTfdYJL9ET3OZ9Iyw%2B%2FQ1%2BPUa8AImgZOZ1%2BMpN6RQXAVLO5q3aengLV9Tw9cnMVAvznFOcy9QhgJ1p4AmayWBhlNX7oHX%2BGHR8ZcjWjVadaLotw0rnWtL06%2B3AHflI%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
7fbb1b105fde9180-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-2dtzq
counters.gif
perf-na1.hsforms.com/embed/v3/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d5bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Thu, 24 Aug 2023 11:02:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
23c553b5-d869-4ec6-8cff-858716f9771a
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
23c553b5-d869-4ec6-8cff-858716f9771a
Last-Modified
Thu, 24 Aug 2023 11:02:55 GMT
Server
cloudflare
X-Trace
2B51C1A1DA0D702B368D625498CEF8459DE46F3020000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-6fhst
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
7fbb1b117bac6957-FRA
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4036121453&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&t=US+arrests+Tornado+Cash+co-founder%2C+sanctions+another+who+remains+at+large&cts=1692874975199&vi=b7f344b578c55be89ccdcb6095c8756b&nc=true&u=156209188.b7f344b578c55be89ccdcb6095c8756b.1692874975196.1692874975196.1692874975196.1&b=156209188.1.1692874975196&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
73973cf8-cf42-4ab4-bec7-023e8a5836aa
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
73973cf8-cf42-4ab4-bec7-023e8a5836aa
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6xV8ebALALnltZGOALL1rZ%2FZtjdpesfq8i%2Bk215asLbW%2FlvnHZCKJFeQqmTPyiEeeGd3xZeSAGMRoVuFn0WckXcdRE0ZNKFoabC5cSb1z3k7kWP5R%2BxJXGwlISMsRXJor1c%2FnbyCRyyqHBS882u"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-w76pp
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7fbb1b136dad3669-FRA
x-robots-tag
none
json
forms.hubspot.com/lead-flows-config/v1/config/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=252628&utk=b7f344b578c55be89ccdcb6095c8756b&__hstc=156209188.b7f344b578c55be89ccdcb6095c8756b.1692874975196.1692874975196.1692874975196.1&__hssc=156209188.1.1692874975196&currentUrl=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7a986dd1359b33c7def90f75571baa134841f82c7ee0cbf197dcfc53b7dd8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
aa4dadc6-c23b-4a1b-a5a0-14bb234c8cb0
content-encoding
br
x-envoy-upstream-service-time
26
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
aa4dadc6-c23b-4a1b-a5a0-14bb234c8cb0
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://therecord.media
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp7hGthU%2FEQxlWFPVKUm9A4cM%2FElX2UfXm4%2FPA6DiLebCnk9cnbRX1WBDrO%2BKYZ85tF%2F%2FBz0HdCIod%2BBoXmSF4odi6sjf4jf353eIyI5RL8P74QgsdcCV5ftdV1ZCfIkYJFZBnZ3LwqE4MLUOAEn"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
7fbb1b139d319180-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-m2kqt
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2068866620&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&ul=en-us&de=UTF-8&dt=US%20arrests%20Tornado%20Cash%20co-founder%2C%20sanctions%20another%20who%20remains%20at%20large&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=739710162.1692874974&tid=UA-9153858-16&_gid=1072151239.1692874975&gtm=45He38l0n81PVJ5W86&cd1=&cd2=&cd3=&cd4=&cd5=&cd8=&z=559407805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 08:35:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8828
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=87a94efc-25a4-443d-880f-dc34b3ca59f5&session=31e182d8-07d9-485a-8ad1-077c2f6a4693&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2024%20Aug%202023%2011%3A02%3A55%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2024%20Aug%202023%2011%3A02%3A54%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Department%20of%20Justice%20unsealed%20an%20indictment%20against%20two%20founders%20of%20Tornado%20Cash%2C%20a%20cryptocurrency%20mixer%20that%20was%20accused%20of%20helping%20North%20Korean%20hackers%20launder%20hundreds%20of%20millions%20of%20dollars%20in%20stolen%20funds.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20arrests%20Tornado%20Cash%20co-founder%2C%20sanctions%20another%20who%20remains%20at%20large%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&pageViewId=6cee2807-35d0-4755-8aef-8e31b491a7d5&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-58.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:55 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
__ptq.gif
track.hubspot.com/ 		45 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=16&fi=1b047a85-2db0-47ce-a965-8fa2de5a991b&lfi=2694169&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4036121453&v=1.1&a=252628&pu=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&t=US+arrests+Tornado+Cash+co-founder%2C+sanctions+another+who+remains+at+large&cts=1692874975635&vi=b7f344b578c55be89ccdcb6095c8756b&nc=true&u=156209188.b7f344b578c55be89ccdcb6095c8756b.1692874975196.1692874975196.1692874975196.1&b=156209188.1.1692874975196&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1cd55dfb-efd0-44cb-844b-3f790b0305d9
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
20
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1cd55dfb-efd0-44cb-844b-3f790b0305d9
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deRDZspEKuM6Sva%2Ffi51t34IjE70DocSOVDWYCn0gbxs6Fwg%2FHWkMZpIjaUcwSoLQwmpeTlMuiXbl93WLC%2F9YKgGPE%2Beni5NBrAO%2FjZ%2Bjjyltu3DzFmUa2LlVBcEbSQw30J53NW4ysAl2l0Jrip8"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-bwpt9
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7fbb1b15cb7b3669-FRA
x-robots-tag
none
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=87a94efc-25a4-443d-880f-dc34b3ca59f5&session=31e182d8-07d9-485a-8ad1-077c2f6a4693&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2024%20Aug%202023%2011%3A02%3A56%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2024%20Aug%202023%2011%3A02%3A55%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%222002%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Department%20of%20Justice%20unsealed%20an%20indictment%20against%20two%20founders%20of%20Tornado%20Cash%2C%20a%20cryptocurrency%20mixer%20that%20was%20accused%20of%20helping%20North%20Korean%20hackers%20launder%20hundreds%20of%20millions%20of%20dollars%20in%20stolen%20funds.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20arrests%20Tornado%20Cash%20co-founder%2C%20sanctions%20another%20who%20remains%20at%20large%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&pageViewId=6cee2807-35d0-4755-8aef-8e31b491a7d5&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-58.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:02:56 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
iphone-cd1.jpg
go.recordedfuture.com/hubfs/ 		83 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.recordedfuture.com/hubfs/iphone-cd1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://therecord.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-99167145604,P-252628,FLS-ALL
age
166557
x-amz-request-id
Q5XKKXHW2W0EV50X
x-amz-server-side-encryption
AES256
edge-cache-tag
F-99167145604,P-252628,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="iphone-cd1.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
cf-bgj
imgq:85,h2pri
etag
"f5c3d1b581a50e5c3637310137a43f0e"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1674144065940
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Thu, 24 Aug 2023 11:02:56 GMT
strict-transport-security
max-age=31536000
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
CyJHfLHHqfqm77ShwrX4xZ78eMxn5Xvx
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
qual=85, origFmt=jpeg, origSize=229013
x-cache
RefreshHit from cloudfront
cache-tag
F-99167145604,P-252628,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
85082
x-amz-id-2
56oL0QG0lvVbPazD5fT1SJHId4rC7XMAN1r3GvaNksNKsV5c7ZOwjRg/nrxFcJP/BnBjPrZgA4Y=
last-modified
Thu, 19 Jan 2023 16:01:07 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuaGzbTaGXpL%2BNqoUQ9%2Fl6mq7SjXlethXDc%2FPSWwwCfxoOtJ7YZj%2Fevvgv%2FaeE6GyK6iXdqEebfqSWo20OqR%2FDA55G2uT5NSxBb133wRcs5bl2tITy9qzNttNDNrFIYvCYfWRjzskftprF7xNMK1yFFFjw%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7fbb1b1ca8e56928-FRA
x-amz-cf-id
SBxsMFxOgKdF1t3_esQ7DS6dTDrFXyEbeMtvxjGTX9diZCMX_QsBOw==
img.gif
b.6sc.co/v1/beacon/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=f2675e8089b7d209a58fce8ad312f51c&svisitor=null&visitor=87a94efc-25a4-443d-880f-dc34b3ca59f5&session=31e182d8-07d9-485a-8ad1-077c2f6a4693&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2024%20Aug%202023%2011%3A02%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2024%20Aug%202023%2011%3A02%3A56%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%223006%22%7D&isIframe=false&m=%7B%22description%22%3A%22The%20Department%20of%20Justice%20unsealed%20an%20indictment%20against%20two%20founders%20of%20Tornado%20Cash%2C%20a%20cryptocurrency%20mixer%20that%20was%20accused%20of%20helping%20North%20Korean%20hackers%20launder%20hundreds%20of%20millions%20of%20dollars%20in%20stolen%20funds.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22US%20arrests%20Tornado%20Cash%20co-founder%2C%20sanctions%20another%20who%20remains%20at%20large%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Ftherecord.media%2Fus-arrests-tornado-cash-cofounder&pageViewId=6cee2807-35d0-4755-8aef-8e31b491a7d5&an_uid=0&webTagId=64dc3ec5-330c-4652-88d3-147ee65e90ba&v=1.1.5

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| __cfQR object| dataLayer object| _paq object| _mtm object| d object| g object| s boolean| __cfRLUnblockHandlers object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E function| setImmediate function| clearImmediate object| __BUILD_MANIFEST function| __MIDDLEWARE_MANIFEST_CB object| __SSG_MANIFEST object| MatomoTagManager object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| __MIDDLEWARE_MANIFEST function| processEpsilonData string| epsilonName boolean| enabled function| callback number| version object| _6si string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| _hsp boolean| _storagePopulated object| _hsq object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| __hsWebInteractiveInstance object| hsConversationsOnReady boolean| hubspot_web_interactives_running boolean| _hspb_ran boolean| _hspb_loaded object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN function| sanitizeKey boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hstc_loaded boolean| LEAD_FLOW_DOCUMENT_READY_RAN

18 Cookies

Domain/Path Name / Value
.scribd.com/ Name: scribd_ubtc
Value: u%3D9c0a84fd-f232-4c9c-b8f4-b10c53d06b3b%26h%3D3AYsFNL2M%2B75b1T3Tx0sJi6kBpxV0tJ8lAZO9dHTOmo%3D
.therecord.media/ Name: _pk_id.2.de70
Value: b97c3b3baae9265f.1692874974.
.therecord.media/ Name: _pk_ses.2.de70
Value: 1
.therecord.media/ Name: _ga_EYNZBT8ZP2
Value: GS1.1.1692874974.1.0.1692874974.60.0.0
.therecord.media/ Name: _ga
Value: GA1.2.739710162.1692874974
.therecord.media/ Name: _gid
Value: GA1.2.1072151239.1692874975
.therecord.media/ Name: _gat_UA-9153858-16
Value: 1
therecord.media/ Name: _an_uid
Value: 0
therecord.media/ Name: _gd_visitor
Value: 87a94efc-25a4-443d-880f-dc34b3ca59f5
therecord.media/ Name: _gd_session
Value: 31e182d8-07d9-485a-8ad1-077c2f6a4693
.6sc.co/ Name: 6suuid
Value: 362b351721371e00de38e764970300006d2f2100
.therecord.media/ Name: __hstc
Value: 156209188.b7f344b578c55be89ccdcb6095c8756b.1692874975196.1692874975196.1692874975196.1
.therecord.media/ Name: hubspotutk
Value: b7f344b578c55be89ccdcb6095c8756b
.therecord.media/ Name: __hssrc
Value: 1
.therecord.media/ Name: __hssc
Value: 156209188.1.1692874975196
.hubspot.com/ Name: __cf_bm
Value: ZQaQObEcPPrRvQr9OSxQ7NdZ0ORl47zULyup4_..j7E-1692874975-0-AWH5m7XS1JpUWP+hp0r6l5qyAM7LyoL4a/RS9OjXpLc31YFcsY3lw6/6nvdCFtKv131cywJeJqPaDdt4/lSOTP8=
.go.recordedfuture.com/ Name: __cf_bm
Value: 3dyokworFnVsup0j7_nHewNLDACPry1Iv6e1ZCyrADs-1692874976-0-AV+yOlBidec1kuFACQMhmUUwEZWkxMJeHFATy61UbTZG1QpAK/mVuFgYS7GBvelbLW7npWi90KwLDC4YTaVP6Dc=
.go.recordedfuture.com/ Name: __cfruid
Value: 44477fc314a9336dd5bc77a6c4d875f53d1df1ed-1692874976

2 Console Messages

Source Level URL
Text
network error URL: https://sentry.io/api/282187/envelope/?sentry_key=21588782029b459685064c03453673ff&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://www.googletagmanager.com/gtag/js?id=G-F540L9EG7D&cx=c&_slc=1
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.6sc.co
browser.sentry-cdn.com
c.6sc.co
cdn.matomo.cloud
cms.therecord.media
connect.facebook.net
cta-service-cms2.hubspot.com
de.scribd.com
epsilon.6sense.com
forms.hubspot.com
go.recordedfuture.com
html.scribdassets.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.hubspot.com
perf-na1.hsforms.com
recordedfuture.matomo.cloud
region1.analytics.google.com
s-f.scribdassets.com
secure.adnxs.com
sentry.io
stats.g.doubleclick.net
therecord.media
track.hubspot.com
wa.scribd.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.recordedfuture.com
www.scribd.com
b.6sc.co
151.101.194.152
151.101.66.152
172.64.144.145
18.157.122.248
18.232.216.40
2001:4860:4802:34::36
23.53.43.58
2600:9000:223f:7800:c:7d55:b3c0:93a1
2606:2c40::c73c:6702
2606:4700:4400::6812:20b5
2606:4700:4400::6812:22e5
2606:4700::6810:d5bf
2606:4700::6811:4679
2606:4700::6811:d76
2606:4700::6812:7641
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c0c::9c
2a02:26f0:480:23::1726:629c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::729
35.186.247.156
37.252.171.52
0268b589d424a686ee986465b7917ac6c852be4fd6908331002878205beee576
04b586d07a484c8434549bce3719c6b222f543da3992280d7d0e5aba73e58cc7
079fe7f9b80f1a0d14e71a2f165e6a16755344f4967054fe40bf6789cba5e9b2
095f8f076fd57fd6f6192956a6b4248bdd758e9fbb0435270a735b0797081235
0cf0a9a1a36e4b44c5559a8dbe24d0682a9a6b1510eec7736ce87d6b211f301c
0fdfd82672c8467fa37b98ac9080627b3fec34428876b4f587168b73189bf532
11bc5c5457d219bd5836c09acf8b0b335ff4b6be3cb66d60e9478b09967c5029
14b00febe987d71958faca829545db59a11090c9e5dde8e5140a24418de55f0d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1711fd45fb826ea701d1bc942ca2831eb5a9e65d4e12e279d772ec707fb860f8
19e06526639decf1b7c4ecd5d47cf1727d87c0bd9fec5624385860908e7caf4d
19f08a382033989fb9a71da27e0fe90fec75944b71dd6d567dc803138b935fb6
1a733e0203953f59ae18374fdc6fbb49a91b1297700196cf01b58ada61f95048
1b9d5a62513a369a10224f1dc73a463dc165eb58bd798dbb4cb4810ca2b5c79f
1bc32c343d38d8fa1f003f6334ecfafbcd215f829dbf8af9456dab7e0b4de6f3
1dbf4a2619ad865a2bd677ca5f72b04141d33349241188e7815876c338414d70
211f58ad68b988642c5226dc1ef813eb1dc34f4949559ee839be6b894a22a401
22c61f5615faf576e5dcb4d523cb1963a847b2140c77cdc39483fb8d344f1a07
22fe8a03c997dec3ecfd2e02fe7e9f6770011a4c8e9ea3efd668199286e57dd7
23a48288df939d8937537687cd4e52bb4b2eaa4553b06f9c2ef94a2acc7e06d0
27e3943c6d2d808f1ec811588ba8fa1b36ce3e3293c723582ae0c1c8820995a6
2ad83f2446566c5ecf7c261cc07884a5d5f71965b5df8fd7bb809f83a42bf470
2d52a47e1f838e87de146f42142f2aeaeae8780d2f7b0cc3e923b28ab1500469
2df2b5ceefd23dd833a8b9f668ecd8825f39f67d81b723f346c9fb94e6f369e8
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3220a852e0363bd4cac2489ce307ed992f147f460d3f9307a60b7cc80879bc4a
34b064bc22045cb382405207509aa00b699f8904d496f5d75605f5dd9c89d93f
3be05a5ae65c9f1503ea8c0fde247c5eab10e5958f789c89a87445330b22c62e
3fd00743c85dd2aa113bdf3ede6fb1e37f6950c3f7b436c01fa9dea55d454186
4300940f5b84d5732f7df86d472c23961aac9ec30cfeff3e6212f0129e4a5d2e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
494a9c8817786531126dd245c93f8a85aa6afa405c7b8a2e45b667538470ce7a
4a112e69921f342a5e8d4f74259c57ee27ba7c9ccfe91fd63d0eb49d9a0ada43
522c4e6492b687b190d93dbbd87e064351d018ca584808a65d614eae19eb2bb0
5490b7bdcb3f09e2af0ad9c832d2c2168ad0a2b59f9af5b550137cb949eede31
54c76c41df5975085389626fc4c3920abdc817d033688ab9d9a98a362ad2f2e7
556df5f008942a56a86bdebc03321b47480063fe98b99cb327366c5256d6dee7
5585d6425d2cf3e7f0518aec3259524fa12f776d368f7c61dbcd542d397a857e
58b7835fb7b6028146a46edd3ef238b71759d0a5d597ce39f90b7de730899e92
5a9871378dc909adc434b3d57c8508d10c172b76e64cb2576aae7e70a7df2cec
60166a8b139130d25fff588b408fd484be1d66f2892980ebada3fabbc100a22d
61cc8966ac99c97a046a5ba81aa26e1b00b0dfb07003f47bc764b234ace14b5d
6361d4ca5755da11baea60a0b2505efd61cc5cac97ea72f6fc09a75555236a78
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fb145f1185850a1f9937c5d5afb3260adbcef791d0a94e1c09b54aa00808982
6fb3140db2839cabd3662044ef7791206df377b2211046abc71dd039f05fe082
7023986e7a9d6fdb7fc515630541d9be6bd7bbef47389c1f14bd83eecac0b040
72f3d082699ac4936a2eaf44314d20f1aeb7e234088bd36f863d64a131a18ed0
79a43dc611e7ba056eb02ab9d9d8af46eb97b030730cfcee83a42b550f7234db
7b0b9f163454a2d476c3930174ed354b5d661060c2a2581e434f8b0b74392d76
7d29c83f1b3e4937ac5f5449de6e6bf644386979fb53255dc4396dc9bf9e0d40
81bd25754c1ed6347b268c6dc007abeb27b10bb85a09a64e0e5eeb643615a029
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8475a0bfbe2b6af03e5c41083b793a11a56f2ff9b9a23ac0b755bc070df51d8c
8a0a222faa2c0dabfd7dadc2fccfc6927ecd54f8836f1f260dbf1ca2700664a7
8d9178fc9b6f97f7fccee4baa65c3cd25b1a8cc5d6d5780efeb7968f9f32f26d
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
9239f316beef45cfc6ba7c2b31298e0da40af5924c7c20894960238ede334d68
96ea6b1e986879257e104371bf5f0cb0bf2bb9957a1aa73fa9df8be99aeeb157
97d5aa458ae622677dbd0e091aca9796aba8b99ce226aa081b8f518390e23c3e
995d8d7f5fead6ae54991a8d6efe58bef201d6e9120245253bb68e6aa3ac860c
a0b1f949528f7a3a2d2ff3b6df67c6c1b5cb8f62a2eba6eb5e06adff2d5795f3
a676aed704bd951a57a3984cc3321cfb7cbb84423e1971359b8c598cd694cf90
a8f17ad07341326b7000c0ddc23226484b699cda0ee4881cf2e36bc2beb57e66
a9ee2606d8749bf786d58c0d2c5f78e60ca6abd695e21ebd274fd28c560bcaf9
ab221b9e81a8439634c9f73c15c96457f75d3632fea1f6256fa4833acc6a314a
ae3536ecd79c98f87387cee9060be3053e0eb8fe0871e7336554812ef8138772
afd5e3f132027bd508d1e1b1dc588201361d0b5d6e506f4dd505cda95df7773e
b09b2e5b9e018d2798069d620ee771bfd95104eee8df1984232c77700a692bcf
b310f6ca0d12500d3d264aa9cc241256f55d65dbdb782485b5bd542d8ff97a8f
b90bc53fc61c1b23241f570e6e9811ea0d2422e65c26308330f5e1e720f87245
b9cd3d28d3be36021550a51ce1d85ce63cf1385383b48481981da767d6a6ba8d
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bae3305d5151d595126e6dc587caf9a0b5d9b118789e5466674d44ead9799a9c
c3d4a55ed4df5b9056b99c6997a232c5a5fdc05e2933dd82b7ef504fde87b0b2
c6421f609cd61551ff948070601ddc54727d75ed1d42b77a65f349438ceab3c3
c737febd14f7515dc46ce2beed2deab9fb143ee07a1954c041b0f461429c1d62
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce26ce80e2600bac966a056baf7f56e2846350d5d3674d8a2a01adfc4700c329
d1bb89b263061363ceb33944389da5dee8d2c2f13e98f02b898d6dc06b25b4ad
d35ac1a2897025e52f3200f8de969cba33aa793abb8986a362e121c08352821d
d59678d4894700c8b25fdc2f3e8458b35a6e22c0d99e6cb88e47416f562a3b72
d8b9c2be7aac023e9135024d20bcb49c9be6be7e0289664e99f996dc56102c2e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e1885518498078290fc8152f0618b843ebfa8df10726b4571b11ec0355be9ee3
e2ea411b32eb0f8f7ecee62a4a599e510c68d51c04b0246e436a50ea016b70e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d61e5b665b285b1cafc83ca925d6e4155a665cbdab72e0cebbd2208a68c422
eb7a986dd1359b33c7def90f75571baa134841f82c7ee0cbf197dcfc53b7dd8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef74c2cbc1486fc7c99ab2d1597a7e3394f68f3f1c7279d1d5776dbe4f6601ca
f036a45770ce2ad43dfee7f4eac8f8b3784608a24ff00c63dd56704434e014e8
f05f604b5bc5827cd379943a22d56150a7d9d444b6a9b3f16cb0b4f84f15cf5a
f084f40ddabbf16c59e0d2e8c13f2b2c927121892f452bdd87395df212e93635
f4a429e19ae0239a202ec24cf9c43bcde2b33843ff1726b13e05f3540ed11c09
f6d1c4aa4948cbb16037959abb65de33038714d3c1fcf977d90eb02a8e50814b
fd7dd34987dd16e75bc9d563140342927ddfa574871937f3fee35686922fa496
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff343d0b208c9edddd590cb86136579d48b7dad0660ef2f64281ebda39d660d9